Biometric Information Notice and Consent

Biometric Information Notice and Consent

Last updated: June 18, 2025

This Notice and Consent (“Consent“) describes how AuthenticID collects and processes certain categories of personal information in connection with the services provided by AuthenticID (“Services“). By providing your consent you acknowledge and agree that you have been provided with and agree to be bound by the AuthenticID Terms of Service  and Privacy Policy . Any capitalized terms used herein but not defined shall have the meaning set forth in the AuthenticID Privacy Policy.

Please carefully review the details below prior to consenting to our collection and use of your information. Please note that once consent has been provided for the collection and processing of your information as part of your verification it may not be revoked where it is required to complete the transaction for which it was collected, or to complete the verification Services.

1. What is Biometric Information?

Biometric Information is a form of personal information related to biometric characteristics which may be used to identify you. Common examples include fingerprints, voiceprints, scans of a hand, facial geometry recognition, and iris or retina recognition. As used in this policy, Biometric Information includes any “biometric identifiers” or “biometric information” as defined under applicable law. For more information about the information collected by AuthenticID, as well as additional details about how this information may be processed, please see our Privacy Policy.

2. Biometric Data Collection

The information we collect will vary depending on the specific Services applicable. In most cases, we collect Biometric Information on behalf of our customers, and the customer is responsible for obtaining necessary consents for our processing of such Biometric Information. You should review the privacy policy of the respective customer for more information on how they may use or share your Biometric Information.

In the event we collect Biometric Information as a controller, we may store and use such Biometric Information for purposes of identity verification and related services, including without limitation training of models, fraud detection and prevention, or for other purposes with your consent. In the event we collect Biometric Information as a controller, we will not sell or trade your biometric information. Please see the “Information We Collect” Section of the Privacy Policy for more details.

3. Retention Schedule

Unless otherwise required by an order from a court of competent jurisdiction or applicable law, we will delete your Biometric Information in accordance with our Privacy Policy or the retention schedule specified in the consent or notice that you have agreed to. Please see the “Retention” section of our Privacy Policy for more details. If not otherwise specified, we will permanently and securely upon the earlier of the expiration of the retention period specified by the customer, or three years after your last interaction with us.

4. Data Security

AuthenticID will use a reasonable standard of care to store, transmit and protect from disclosure any Biometric Information it collects.

5. Disclosure of Biometric Information

For Biometric Information collected by AuthenticID as the controller, we may share Biometric Information for the purposes described in the “How We Disclose Information” section of our Privacy Policy. As further described in our Privacy Policy, we may share Biometric Information with the following categories of third parties:

  • Corporate affiliates and subsidiaries. We may disclose Consumer Health Data to our affiliated companies and subsidiaries.
  • Partners, service providers and vendors. We may disclose Consumer Health Data to our partner, service providers and/or vendors in order to facilitate the provision of our services.
  • Parties to a corporate transaction. We may disclose Consumer Health Data as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
  • Government and law enforcement agencies. As described in our Privacy Policy, we may disclose data to law enforcement or other government agencies when we believe doing so is necessary to comply with applicable law or respond to valid legal process.
  • Other third parties. In certain circumstances, it may be necessary to provide data to other third parties, for example, to exercise our rights, comply with the law or to protect our rights or those of our customers or partners.
  • With your consent or upon your request.

For Biometric Information collected by AuthenticID on behalf of our customer, please review the customer’s privacy policy regarding how such information may be shared.

6. Can I Request Deletion of My Biometric Information?

Yes, for Biometric Information collected by AuthenticID as the controller, you may request deletion or other access to your Biometric Information. Please see the “Your Choices and Rights” section in our Privacy Policy for more details. For Biometric Information collected by AuthenticID on behalf of our customer, you should submit your request to the applicable customer. Please review the customer’s privacy policy for more details.  

7. Changes

This Biometric Information Notice and Consent may be periodically updated by us.